22nd April 2011, 23:42
#1
3 out of 3 members found this post helpful.
Mare atentie la renewals
Tocmai era sa mi-o fur prin urmatoarea metoda (mi-am dat seama in ultimul moment din neatentie):
Atacatorul alege un domeniu interesant, detinut de un user care are putine domenii inregistrate pe numele lui (reverse whois probabil) - eu am primit doar pe un mail asociat cu o singura adresa de WHOIS. Apoi, cand data de expiry se apropie, trimite un mail de forma "Domeniul tau x.com mai are 45 de zile pana la expirare. Il poti reinnoi aici: www.link catre adevarata companie unde ai inregistrat domeniul.com.
Numai ca linkul din spate (ancora e www.dynadot dot com sa zicem) e altul. Siteul insa arata complet identic. Daca bagi user+parola probabil se logheaza undeva si ramai fara domenii. Daca dai plata direct din linkul din mail, probabil ramai fara bani pe card. Siteurile se tot schimba. Si sunt domenii .co cam toate cu un singur spell. Gen o litera dublata.
UPDATE:
Pe o alta adresa de mail am primit ceva si mai interesant. Atasez mesajul numarul 2 (aici avem alt tip, cu factura proforma atasata facuta pe datele mele reale de whois).
Title: Domain Expiration - www.domeniulmeu.com
Attention: Important Notice
Domain Name to Renew: DOMENIULMEU.COM
Bill To: Invoice # 1301376232
Invoice Date Apr 22, 2011
DATELE MELE REALE DIN WHOIS
SECURE ONLINE PAYMENT -> Linkul duce aici newdomainregis.com
Domain Name Registration Price Term
DOMENIUL MEU.COM Mar 28, 2011 - Mar 28, 2012 $7.50 1 Year
Failure to complete may result in the cancellation of this offer (making it difficult for your customers to locate you using search engines on the web).
Your registration includes search engine submission.
For Domain Name:
DOMENIULMEU.COM
SECURE ONLINE PAYMENT (asta e un link)
Scris mic in antet: This is a solicitation. Domain Registration Services is not a domain name registrar and does not provide URL registrations, web hosting or email services. Domain Registration Services is a search engine ranking and submission service firm.
Pagina de landing arata asa (nu zice decat de domain renewals asta):
Invoice Details
Domain Name: DOMENIULMEU.com BILL# APR-010-837-311
Invoice Date: 22-April-2011
Bill To: Domain Owner
Attn: Domain Owner
DATELE CORECTE DE WHOIS (ADICA ADRESA SI TOT)
Domain Name
Registration Period
Price
Select Term
DOMENIULMEU.com 04/22/2011-04/22/2012 $75.00 1 Year
DOMENIULMEU.com 04/22/2011-04/22/2013 $135.00 10% Savings 2 Years
DOMENIULMEU.com 04/22/2011-04/22/2016 $280.00 25% Savings 5 Years
DOMENIULMEU.com 04/22/2011-04/22/2021 $450.00 40% Savings 10 Years
Secure Online Payment (128 Bit Secure)
Please enter your credit card information to submit your order
Name on Card:
Credit Card Number: CVV:
Expiration Date:
PS. Il mai las o zi lipicios dupa care il deselectez sa nu se supere cineva ca apare in antet.
Ultima modificare făcută de Emil; 23rd April 2011 la 00:16.
"Wire telegraph is a kind of a very, very long cat. You pull his tail in New York and his head is meowing in Los Angeles." Albert Einstein
Răspunde cu citat
)
?
Sincer, n-am inteles.
.
